package cn.topcodes.tcsf.admin.web.security;

import cn.topcodes.tcsf.admin.commons.domain.ValueRangeConstant;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import java.io.IOException;

public class AdminPermissionsAuthorizationFilter extends PermissionsAuthorizationFilter {

	@Override
	public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
			throws IOException {
		Subject subject = getSubject(request, response);
		if(subject.hasRole(ValueRangeConstant.BuiltInRole.ROLE_DEVELOPER)) {
			return true;
		}

		String[] perms = (String[])((String[])mappedValue);
		if(perms != null && perms.length > 0) {
			for(String perm : perms) {
				if(subject.isPermitted(perm)) {
					return true;
				}
			}
		}
		return false;
	}

}
